f2fs_io: Add get file name encryption mode

This patch add an ioctl to get filename encryption mode. Signed-off-by: Robin Hsu <robinhsu@google.com> Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
author: Robin Hsu <robinhsu@google.com> 2021-04-19 16:45:25 +0800
committer: Jaegeuk Kim <jaegeuk@kernel.org> 2021-04-22 08:48:30 -0700
commit: 1531853eb72b335c488171dd0803e9c417de7e1f (patch)
tree: fa0faa190345fad54c667595bace3cd411d5eb17
parent: 3bfcca8c81c6d8c03ad0e88c2414a790d82642ba (diff)
download: f2fs-tools-1531853eb72b335c488171dd0803e9c417de7e1f.tar.gz
2 files changed, 99 insertions, 0 deletions
diff --git a/tools/f2fs_io/f2fs_io.c b/tools/f2fs_io/f2fs_io.c
index 033c256..fa7d3f5 100644
--- a/tools/f2fs_io/f2fs_io.c
+++ b/tools/f2fs_io/f2fs_io.c
@@ -1096,6 +1096,68 @@ static void do_compress(int argc, char **argv, const struct cmd_desc *cmd)
 	exit(0);
 }
 
+#define get_filename_encrypt_mode_desc "get file name encrypt mode"
+#define get_filename_encrypt_mode_help					\
+"f2fs_io filename_encrypt_mode [file or directory path]\n\n"		\
+"Get the file name encription mode of the given file/directory.\n"	\
+
+static void do_get_filename_encrypt_mode (int argc, char **argv,
+						const struct cmd_desc *cmd)
+{
+	static const char *enc_name[] = {
+		"invalid", /* FS_ENCRYPTION_MODE_INVALID (0) */
+		"aes-256-xts", /* FS_ENCRYPTION_MODE_AES_256_XTS (1) */
+		"aes-256-gcm", /* FS_ENCRYPTION_MODE_AES_256_GCM (2) */
+		"aes-256-cbc", /* FS_ENCRYPTION_MODE_AES_256_CBC (3) */
+		"aes-256-cts", /* FS_ENCRYPTION_MODE_AES_256_CTS (4) */
+		"aes-128-cbc", /* FS_ENCRYPTION_MODE_AES_128_CBC (5) */
+		"aes-128-cts", /* FS_ENCRYPTION_MODE_AES_128_CTS (6) */
+		"speck128-256-xts", /* FS_ENCRYPTION_MODE_SPECK128_256_XTS (7) */
+		"speck128-256-cts", /* FS_ENCRYPTION_MODE_SPECK128_256_CTS (8) */
+		"adiantum", /* FS_ENCRYPTION_MODE_ADIANTUM (9) */
+	};
+	int fd, mode, ret;
+	struct fscrypt_get_policy_ex_arg arg;
+
+	if (argc != 2) {
+		fputs("Excess arguments\n\n", stderr);
+		fputs(cmd->cmd_help, stderr);
+		exit(1);
+	}
+
+	fd = xopen(argv[1], O_RDONLY, 0);
+	arg.policy_size = sizeof(arg.policy);
+	ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY_EX, &arg);
+	if (ret != 0 && errno == ENOTTY)
+		ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, arg.policy.v1);
+	close(fd);
+
+	if (ret) {
+		perror("FS_IOC_GET_ENCRYPTION_POLICY|_EX");
+		exit(1);
+	}
+
+	switch (arg.policy.version) {
+	case FSCRYPT_POLICY_V1:
+		mode = arg.policy.v1.filenames_encryption_mode;
+		break;
+	case FSCRYPT_POLICY_V2:
+		mode = arg.policy.v2.filenames_encryption_mode;
+		break;
+	default:
+		printf("Do not support policy version: %d\n",
+							arg.policy.version);
+		exit(1);
+	}
+
+	if (mode >= sizeof(enc_name)/sizeof(enc_name[0])) {
+		printf("Do not support algorithm: %d\n", mode);
+		exit(1);
+	}
+	printf ("%s\n", enc_name[mode]);
+	exit(0);
+}
+
 #define CMD_HIDDEN 	0x0001
 #define CMD(name) { #name, do_##name, name##_desc, name##_help, 0 }
 #define _CMD(name) { #name, do_##name, NULL, NULL, CMD_HIDDEN }
@@ -1125,6 +1187,7 @@ const struct cmd_desc cmd_list[] = {
 	CMD(set_coption),
 	CMD(decompress),
 	CMD(compress),
+	CMD(get_filename_encrypt_mode),
 	{ NULL, NULL, NULL, NULL, 0 }
 };
 
diff --git a/tools/f2fs_io/f2fs_io.h b/tools/f2fs_io/f2fs_io.h
index d53e576..3a0278f 100644
--- a/tools/f2fs_io/f2fs_io.h
+++ b/tools/f2fs_io/f2fs_io.h
@@ -91,6 +91,42 @@ typedef u32	__be32;
 #define F2FS_IOC_DECOMPRESS_FILE        _IO(F2FS_IOCTL_MAGIC, 23)
 #define F2FS_IOC_COMPRESS_FILE          _IO(F2FS_IOCTL_MAGIC, 24)
 
+#ifndef FS_IOC_GET_ENCRYPTION_POLICY
+#define FSCRYPT_POLICY_V1		0
+#define FSCRYPT_KEY_DESCRIPTOR_SIZE	8
+struct fscrypt_policy_v1 {
+	__u8 version;
+	__u8 contents_encryption_mode;
+	__u8 filenames_encryption_mode;
+	__u8 flags;
+	__u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE];
+};
+#define FS_IOC_GET_ENCRYPTION_POLICY		_IOW('f', 21, struct fscrypt_policy_v1)
+#endif
+
+#ifndef FS_IOC_GET_ENCRYPTION_POLICY_EX
+#define FSCRYPT_POLICY_V2		2
+#define FSCRYPT_KEY_IDENTIFIER_SIZE	16
+struct fscrypt_policy_v2 {
+	__u8 version;
+	__u8 contents_encryption_mode;
+	__u8 filenames_encryption_mode;
+	__u8 flags;
+	__u8 __reserved[4];
+	__u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
+};
+/* Struct passed to FS_IOC_GET_ENCRYPTION_POLICY_EX */
+struct fscrypt_get_policy_ex_arg {
+	__u64 policy_size; /* input/output */
+	union {
+		__u8 version;
+		struct fscrypt_policy_v1 v1;
+		struct fscrypt_policy_v2 v2;
+	} policy; /* output */
+};
+#define FS_IOC_GET_ENCRYPTION_POLICY_EX		_IOWR('f', 22, __u8[9]) /* size + version */
+#endif
+
 #define F2FS_IOC_SET_ENCRYPTION_POLICY	FS_IOC_SET_ENCRYPTION_POLICY
 #define F2FS_IOC_GET_ENCRYPTION_POLICY	FS_IOC_GET_ENCRYPTION_POLICY
 #define F2FS_IOC_GET_ENCRYPTION_PWSALT	FS_IOC_GET_ENCRYPTION_PWSALT
author	Robin Hsu <robinhsu@google.com>	2021-04-19 16:45:25 +0800
committer	Jaegeuk Kim <jaegeuk@kernel.org>	2021-04-22 08:48:30 -0700
commit	1531853eb72b335c488171dd0803e9c417de7e1f (patch)
tree	fa0faa190345fad54c667595bace3cd411d5eb17
parent	3bfcca8c81c6d8c03ad0e88c2414a790d82642ba (diff)
download	f2fs-tools-1531853eb72b335c488171dd0803e9c417de7e1f.tar.gz